<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<link rel="stylesheet" type="text/css" href="css/template.css">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>HappyMeal Management System</title>
</head>

<body>
<div id='all'>
  <div id='all-wrap'> 
    
    <!--header begin-->
    <div id='wrap-header'>
      <?php /* Shared page header. NOTE(review): presumably where the session and the MySQL connection used further down are set up - confirm. */ include('header.php'); ?>
    </div>
    <!--header end--> 
    
    <!--wrap-body begin-->
    <div id='wrap-body'> 
      <!-- wrap-content begin-->
      <div id='wrap-content'> 
        <!-- nav begin -->
        <div id='nav' style="padding-left:30px;">
          <h4>Current : <a href='main.php'>Main</a>
            <?php /* Emits whatever nav_png.php renders between the two breadcrumb entries. */ include('nav_png.php'); ?>
            Restaurant</h4>
        </div>
        <!-- nav END --> 
        
        <!-- wrap-search begin -->
        <div id='wrap-search'> 
          <!-- No search module implemented for search--> 
        </div>
        <!-- wrap-search end --> 
        
        <!-- check if it is add or edit or view or delete -->
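        <?php
				/*
				 * Handles the three state-changing POST actions of this page
				 * (partner_add, partner_edit, partner_delete) and, when one of them
				 * ran, reports the outcome to the browser through a confirm() dialog.
				 *
				 * Security notes:
				 *  - Every request value is escaped with mysql_real_escape_string()
				 *    before it is placed in a query. The queries are still string-built
				 *    because the legacy mysql_* API has no prepared statements; moving
				 *    to mysqli/PDO prepared statements is the durable fix.
				 *  - Passwords are stored as unsalted MD5, which is not suitable for
				 *    password storage. It is kept here only because the code that
				 *    verifies the hash is not in this file; migrate both sides to
				 *    password_hash()/password_verify() together.
				 *  - NOTE(review): no anti-CSRF token is checked on these POST actions.
				 *  - NOTE(review): the authorization policy below (admin may do
				 *    everything, other accounts may only touch their own row and may not
				 *    change is_admin/is_blocked) is inferred from the admin-only "Add"
				 *    link and the per-user listing on this page - confirm it.
				 */

				if(!function_exists('partner_post_value')){
					// Returns the raw POST field, or "" when it is missing or not a scalar.
					function partner_post_value($key){
						return (isset($_POST[$key]) && !is_array($_POST[$key])) ? $_POST[$key] : "";
					}
				}

				if(!function_exists('partner_sql_value')){
					// Escapes one value for use inside a single-quoted SQL string literal.
					// Relies on the connection that mysql_query() below also uses.
					function partner_sql_value($value){
						return mysql_real_escape_string((string)$value);
					}
				}

				if(!function_exists('partner_join_tags')){
					// Collapses the submitted tag[] values into the stored form xxx,yyy,zzz.
					// Returns "" when no tag was submitted instead of iterating over null.
					function partner_join_tags(){
						if(!isset($_POST['tag']) || !is_array($_POST['tag'])){
							return "";
						}
						return implode(",", array_filter($_POST['tag'], 'is_scalar'));
					}
				}

				if(!function_exists('partner_store_image')){
					/*
					 * Validates one uploaded picture and moves it into $directory under a
					 * generated name.
					 *
					 * Returns the stored relative path on success, "" when the upload
					 * reported an error or could not be moved, and false when the file
					 * failed validation.
					 */
					function partner_store_image($field, $directory){
						if(!isset($_FILES[$field]) || is_array($_FILES[$field]["name"])){
							return false;
						}
						$upload       = $_FILES[$field];
						$allowedExts  = array("gif", "jpeg", "jpg", "png");
						$allowedTypes = array("image/gif", "image/jpeg", "image/jpg", "image/pjpeg", "image/x-png", "image/png");
						$parts        = explode(".", $upload["name"]);
						// Lower-cased so that "photo.JPG" is treated the same on add and on edit.
						$extension    = strtolower(end($parts));

						// "type" and "name" are supplied by the browser, so these checks only
						// filter honest mistakes; the content check below is the real gate.
						if(!in_array(strtolower($upload["type"]), $allowedTypes, true)
								|| !($upload["size"] < 1000000)
								|| !in_array($extension, $allowedExts, true)){
							return false;
						}
						if($upload["error"] > 0){
							return "";
						}
						// Server-side check that the temporary file really parses as an image.
						if(@getimagesize($upload["tmp_name"]) === false){
							return false;
						}
						// The stored name never contains any part of the client file name
						// except the allow-listed extension.
						// NOTE(review): generateRandomString() is defined outside this file;
						// confirm it cannot collide, because an existing file is overwritten.
						// NOTE(review): the web server should not execute scripts from upload/.
						$target = $directory.generateRandomString().".".$extension;
						if(!move_uploaded_file($upload["tmp_name"], $target)){
							return "";
						}
						return $target;
					}
				}

				$show_alert     = true;
				$message        = "";
				$actor_is_admin = isset($_SESSION['is_admin']) && $_SESSION['is_admin'] == 1;
				$actor_id       = isset($_SESSION['id']) ? (string)$_SESSION['id'] : "";

				if(isset($_POST['partner_add'])){
					// partner_add
					if(!$actor_is_admin){
						$message = "Fail to add new restaurant - NOT AUTHORIZED";
					}else{
						$is_admin    = partner_sql_value(partner_post_value('is_admin'));
						$email       = partner_sql_value(partner_post_value('email'));
						$e_password  = md5(partner_post_value('password'));
						$name        = partner_sql_value(partner_post_value('name'));
						$address     = partner_sql_value(partner_post_value('address'));
						$telephone   = partner_sql_value(partner_post_value('telephone'));
						$open_hours  = partner_sql_value(partner_post_value('open_hours'));
						$description = partner_sql_value(partner_post_value('description'));
						$is_blocked  = partner_sql_value(partner_post_value('is_blocked'));
						$tag         = partner_sql_value(partner_join_tags());
						//Datetime format : date ("Y-m-d H:i:s");
						$last_login  = "0000-00-00 00:00:00";

						// Both pictures default to "" so a rejected upload still yields a
						// well-defined INSERT instead of an undefined variable.
						$profile_picture = "";
						$stored = partner_store_image("profile", "upload/profile/");
						if($stored === false){
							echo "Invalid file";
						}else{
							$profile_picture = partner_sql_value($stored);
						}

						$coupon_picture = "";
						$stored = partner_store_image("coupon", "upload/coupon/");
						if($stored === false){
							echo "Invalid file";
						}else{
							$coupon_picture = partner_sql_value($stored);
						}

						//Prevent Double entering
						$sql_check = "SELECT * FROM restaurant WHERE email='$email' AND name='$name' AND address='$address' AND telephone='$telephone'";
						$sql_check_result = mysql_query($sql_check);
						if($sql_check_result === false){
							$message = "Fail to add new restaurant - SQL ERROR";
						}else if(mysql_num_rows($sql_check_result) < 1){
							//Partner does not exist
							$sql_add = "INSERT INTO restaurant (is_admin,email,password,name,address,telephone,open_hours,description,profile_picture,tag,coupon,last_login,is_blocked) VALUES ('$is_admin','$email','$e_password','$name','$address','$telephone','$open_hours','$description','$profile_picture','$tag','$coupon_picture','$last_login','$is_blocked')";
							if(mysql_query($sql_add)){
								$message = "Successfully add new restaurant/admin";
							}else{
								$message = "Fail to add new restaurant - SQL ERROR";
							}
						}else{
							//Partner already exists
							$message = "Fail to add new restaurant - RESTAURANT ALREADY EXISTS";
						}
					}
				}else if(isset($_POST['partner_edit'])){
					// partner_edit
					$id = partner_post_value('id');
					if(!$actor_is_admin && ($actor_id === "" || (string)$id !== $actor_id)){
						$message = "Fail to update restaurant - NOT AUTHORIZED";
					}else{
						$password = partner_post_value('password');

						$assignments   = array();
						$assignments[] = "email='".partner_sql_value(partner_post_value('email'))."'";
						if($password != ""){
							// An empty password field means "keep the current password".
							$assignments[] = "password='".md5($password)."'";
						}
						if($actor_is_admin){
							// Privilege flags are only writable by administrators.
							$assignments[] = "is_admin='".partner_sql_value(partner_post_value('is_admin'))."'";
						}
						$assignments[] = "name='".partner_sql_value(partner_post_value('name'))."'";
						$assignments[] = "address='".partner_sql_value(partner_post_value('address'))."'";
						$assignments[] = "telephone='".partner_sql_value(partner_post_value('telephone'))."'";
						$assignments[] = "open_hours='".partner_sql_value(partner_post_value('open_hours'))."'";
						$assignments[] = "description='".partner_sql_value(partner_post_value('description'))."'";

						// A picture column is only rewritten when a new file was actually stored.
						if(isset($_FILES["profile"]) && $_FILES["profile"]["name"] != ""){
							$stored = partner_store_image("profile", "upload/profile/");
							if($stored === false){
								echo "Invalid Profile Picture";
							}else if($stored !== ""){
								$assignments[] = "profile_picture='".partner_sql_value($stored)."'";
							}
						}

						$assignments[] = "tag='".partner_sql_value(partner_join_tags())."'";

						if(isset($_FILES["coupon"]) && $_FILES["coupon"]["name"] != ""){
							$stored = partner_store_image("coupon", "upload/coupon/");
							if($stored === false){
								echo "Invalid Coupon";
							}else if($stored !== ""){
								$assignments[] = "coupon='".partner_sql_value($stored)."'";
							}
						}

						if($actor_is_admin){
							$assignments[] = "is_blocked='".partner_sql_value(partner_post_value('is_blocked'))."'";
						}

						$sql_edit = "UPDATE restaurant SET ".implode(",", $assignments)." WHERE id='".partner_sql_value($id)."'";
						if(mysql_query($sql_edit)){
							//successful
							$message = "Successfully update restaurant with id = ".$id;
						}else{
							$message = "Fail to update restaurant with id = ".$id;
						}
					}
				}else if(isset($_POST['partner_delete'])){
					// partner_delete
					$id = partner_post_value('id');
					if(!$actor_is_admin && ($actor_id === "" || (string)$id !== $actor_id)){
						$message = "Fail to delete restaurant - NOT AUTHORIZED";
					}else{
						$sql_delete01 = "DELETE FROM restaurant WHERE id='".partner_sql_value($id)."'";
						if(mysql_query($sql_delete01)){
							//successful
							$message = "Successfully delete restaurant with id = ".$id;
						}else{
							$message = "Fail to delete restaurant with id = ".$id;
						}
					}
				}else{
					// no action posted: only the listing below is shown
					$show_alert = false;
				}

				if($show_alert){
					// $message can contain the posted id, so it is emitted as a JSON string
					// literal; the HEX flags (when this PHP build has them) also keep
					// <, >, & and quotes out of the inline script.
					echo "<script type='text/javascript'>confirm(";
					if(defined('JSON_HEX_TAG')){
						echo json_encode($message, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
					}else{
						echo json_encode($message);
					}
					echo ");</script>";
				}
			?>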
        
        <!-- Add button -->
        <h4 align="right" style="padding-right:20px;">
          <?php
				// The link to the creation form is printed for administrator sessions only.
				if(1 == $_SESSION['is_admin'])
					print "<a href='partner_add.php'>Add a new restaurant</a>";
            ?>
        </h4>
        
        <!-- Print table of restaurants -->
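        <?php
				/*
				 * Prints the restaurant table: every row for an administrator session,
				 * otherwise only the row whose id matches the logged-in account.
				 *
				 * Every database value is HTML-escaped before it is echoed. The name
				 * column is filled from form input by the add/edit handlers in this
				 * file, so echoing it raw would be stored cross-site scripting.
				 */
				if(isset($_SESSION['is_admin']) && $_SESSION['is_admin'] == 1){
					// Display all restaurants when the user is an administrator
					$sql_view = "SELECT * FROM restaurant ORDER BY name ASC,id ASC";
				}else{
					// Display only the logged-in user's restaurant
					$current_user_id = isset($_SESSION['id']) ? mysql_real_escape_string((string)$_SESSION['id']) : "";
					$sql_view = "SELECT * FROM restaurant WHERE id='$current_user_id'";
				}

				// Execute Query
				$result_view = mysql_query($sql_view);

				echo "<table id='partner_table'>";
				echo "<tr>";
				echo "<th style='width: 5%;'>ID</th>";
				echo "<th style='width: 35%;'>Name</th>";
				echo "<th style='width: 35%;'>Last Login</th>";
				echo "<th style='width: 10%;'>Blocked?</th>";
				echo "<th style='width: 10%;'>Admin?</th>";
				echo "<th style='width: 5%;'>Edit</th>";
				echo "</tr>";
				// A failed query yields an empty table instead of fetching from false.
				while($result_view && ($row = mysql_fetch_array($result_view))){
					$id 		= htmlspecialchars($row['id'], ENT_QUOTES, 'UTF-8');
					$name 		= htmlspecialchars($row['name'], ENT_QUOTES, 'UTF-8');
					$last_login = htmlspecialchars($row['last_login'], ENT_QUOTES, 'UTF-8');
					$is_blocked	= $row['is_blocked'];
					$is_admin	= $row['is_admin'];
					// The id ends up inside a JavaScript string inside an HTML attribute;
					// rawurlencode() leaves only characters that are inert in both.
					$edit_target = "partner_edit.php?id=".rawurlencode($row['id']);

					echo "<tr>";
					echo "<td align='center'>".$id."</td>";
					echo "<td align='center'>".$name."</td>";
					echo "<td align='center'>".$last_login."</td>";
					// 0 means not blocked; any other value is shown as blocked
					echo "<td align='center'>".($is_blocked == 0 ? "No" : "Yes")."</td>";
					// 0 means ordinary account; any other value is shown as admin
					echo "<td align='center'>".($is_admin == 0 ? "No" : "Yes")."</td>";
					// The original row left this cell unclosed; the </td> is added here.
					echo "<td align='center'><input type='button' name='user_edit_btn' value='Edit' onclick='window.location=\"".$edit_target."\";' /></td>";

					echo "</tr>";
				}
				echo "</table>";
			?>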
      </div>
      <!-- wrap-content end--> 
      
    </div>
    <!--wrap-body end--> 
    
    <!--wrap-footer begin-->
    <div id='wrap-footer'>
      <?php /* Shared page footer. */ include('footer.php'); ?>
    </div>
    <!--wrap-footer end--> 
    
  </div>
  <!--all-wrap end--> 
</div>
<!--all end-->
</body>
</html>